STIGs RMF Controls Compare

STIGhub

A free tool to search and browse the entire DISA STIG library. Saves up to 75% in security compliance research time.

Navigation

Browse STIGs
Search
RMF Controls
Compare Versions

Resources

About
Release Notes
VPAT
DISA STIG Library

STIGs updated 2 hours ago

Powered by Pylon

© 2026 Beacon Cloud Solutions, Inc. All rights reserved.

← AC-2 (1) — Account Management

CCI-000015

Definition

Support the management of system accounts using organization-defined automated mechanisms.

Parent Control

AC-2 (1)Account ManagementAccess Control

Linked STIG Checks (200)

V-204636CAT IIAAA Services must be configured to provide automated account management functions.AAA Services Security Requirements Guide V-204682CAT IIAAA Services must be configured to notify the system administrators (SAs) and information system security officer (ISSO) when accounts are created.AAA Services Security Requirements Guide V-204683CAT IIAAA Services must be configured to notify the system administrators (SAs) and information system security officer (ISSO) when accounts are modified.AAA Services Security Requirements Guide V-204684CAT IIAAA Services must be configured to notify the system administrators (SAs) and information system security officer (ISSO) for account disabling actions.AAA Services Security Requirements Guide V-204685CAT IIAAA Services must be configured to notify the system administrators (SAs) and information system security officer (ISSO) for account removal actions.AAA Services Security Requirements Guide V-204687CAT IIAAA Services must be configured to notify system administrators (SAs) and information system security officer (ISSO) of account enabling actions.AAA Services Security Requirements Guide V-274027CAT IIAmazon Linux 2023 must have the firewalld package installed.Amazon Linux 2023 Security Technical Implementation Guide V-274028CAT IIAmazon Linux 2023 must have the firewalld service active.Amazon Linux 2023 Security Technical Implementation Guide V-274081CAT IIAmazon Linux 2023 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.Amazon Linux 2023 Security Technical Implementation Guide V-274082CAT IIAmazon Linux 2023 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/ directory.Amazon Linux 2023 Security Technical Implementation Guide V-274083CAT IIAmazon Linux 2023 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.Amazon Linux 2023 Security Technical Implementation Guide V-274084CAT IIAmazon Linux 2023 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.Amazon Linux 2023 Security Technical Implementation Guide V-274085CAT IIAmazon Linux 2023 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd.Amazon Linux 2023 Security Technical Implementation Guide V-274104CAT IIAmazon Linux 2023 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.Amazon Linux 2023 Security Technical Implementation Guide V-274113CAT IIAmazon Linux 2023 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.Amazon Linux 2023 Security Technical Implementation Guide V-274114CAT IIAmazon Linux 2023 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.Amazon Linux 2023 Security Technical Implementation Guide V-268167CAT IINixOS must generate audit records for all account creations, modifications, disabling, and termination events.Anduril NixOS Security Technical Implementation Guide V-222407CAT IIThe application must provide automated mechanisms for supporting account management functions.Application Security and Development Security Technical Implementation Guide V-222417CAT IIIThe application must notify system administrators (SAs) and information system security officers (ISSOs) when accounts are created.Application Security and Development Security Technical Implementation Guide V-222418CAT IIIThe application must notify system administrators (SAs) and information system security officers (ISSOs) when accounts are modified.Application Security and Development Security Technical Implementation Guide V-222419CAT IIIThe application must notify system administrators (SAs) and information system security officers (ISSOs) of account disabling actions.Application Security and Development Security Technical Implementation Guide V-222420CAT IIIThe application must notify system administrators (SAs) and information system security officers (ISSOs) of account removal actions.Application Security and Development Security Technical Implementation Guide V-222422CAT IIIThe application must notify system administrators (SAs) and information system security officers (ISSOs) of account enabling actions.Application Security and Development Security Technical Implementation Guide V-237321CAT IThe ArcGIS Server must use Windows authentication for supporting account management functions.ArcGIS for Server 10.3 Security Technical Implementation Guide V-272627CAT IIICylanceON-PREM must be configured to use a third-party identity provider.Arctic Wolf CylanceON-PREM Security Technical Implementation Guide V-256842CAT IICompliance Guardian must provide automated mechanisms for supporting account management functions.AvePoint Compliance Guardian Security Technical Implementation Guide V-253513CAT IIDocAve must provide automated mechanisms for supporting account management functions.AvePoint DocAve 6 Security Technical Implementation Guide V-276012CAT IAx-OS must have no local accounts for the user interface.Axonius Federal Systems Ax-OS Security Technical Implementation Guide V-276014CAT IAx-OS must off-load audit records onto a different system or media than the system being audited.Axonius Federal Systems Ax-OS Security Technical Implementation Guide V-224379CAT IIThe BlackBerry UEM server must be configured to leverage the MDM platform user accounts and groups for BlackBerry UEM server user identification and CAC authentication.BlackBerry UEM Security Technical Implementation Guide V-224380CAT IIAuthentication of MDM platform accounts must be configured so they are implemented via an enterprise directory service.BlackBerry UEM Security Technical Implementation Guide V-251583CAT IIIDMS must support the implementation of an external security manager (ESM) to handle account management and user accesses, etc.CA IDMS Security Technical Implementation Guide V-206484CAT IIIFor devices and hosts within its scope of coverage, the Central Log Server must be configured to notify the system administrator (SA) and information system security officer (ISSO) when account modification events are received.Central Log Server Security Requirements Guide V-206485CAT IIIFor devices and hosts within its scope of coverage, the Central Log Server must notify the system administrator (SA) and information system security officer (ISSO) when events indicating account disabling actions are received.Central Log Server Security Requirements Guide V-206486CAT IIIFor devices and hosts within its scope of coverage, the Central Log Server must notify the System Administrator (SA) and Information System Security Officer (ISSO) when events indicating account removal actions are received.Central Log Server Security Requirements Guide V-221921CAT IIIThe Central Log Server must notify system administrators and ISSO when accounts are created.Central Log Server Security Requirements Guide V-259872CAT IThe Mission Owner must configure the customer service portal credentials for least privilege.Cloud Computing Mission Owner Operating System Security Requirements Guide V-269129CAT IIAlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-269130CAT IIAlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-269131CAT IIAlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-269132CAT IIAlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/security/opasswd.Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-269133CAT IIAlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-269134CAT IIAlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-269135CAT IIAlmaLinux OS 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect the files within /etc/sudoers.d/Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-272485CAT IIAlmaLinux OS 9 must have the postfix package installed.Cloud Linux AlmaLinux OS 9 Security Technical Implementation Guide V-233019CAT IIThe container platform must use a centralized user management solution to support account management functions.Container Platform Security Requirements Guide V-233143CAT IIThe container platform must notify system administrators (SAs) and the information system security officer (ISSO) when accounts are created.Container Platform Security Requirements Guide V-233144CAT IIThe container platform must notify system administrators (SAs) and the information system security officer (ISSO) when accounts are modified.Container Platform Security Requirements Guide V-233145CAT IIThe container platform must notify system administrators and ISSO for account disabling actions.Container Platform Security Requirements Guide V-233146CAT IIThe container platform must notify system administrators and ISSO for account removal actions.Container Platform Security Requirements Guide V-233158CAT IIThe container platform must notify the system administrator (SA) and information system security officer (ISSO) of account enabling actions.Container Platform Security Requirements Guide V-233515CAT IPostgreSQL must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.Crunchy Data PostgreSQL Security Technical Implementation Guide V-261858CAT IPostgreSQL must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.Crunchy Data Postgres 16 Security Technical Implementation Guide V-255529CAT IThe DBN-6300 must provide automated support for account management functions.DBN-6300 NDM Security Technical Implementation Guide V-206520CAT IThe DBMS must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.Database Security Requirements Guide V-235780CAT IILDAP integration in Docker Enterprise must be configured.Docker Enterprise 2.x Linux/UNIX Security Technical Implementation Guide V-270910CAT IIDragos Platform must use an Identity Provider (IDP) for authentication and authorization processes.Dragos Platform 2.x Security Technical Implementation Guide V-224131CAT IThe EDB Postgres Advanced Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.EDB Postgres Advanced Server v11 on Windows Security Technical Implementation Guide V-213562CAT IThe EDB Postgres Advanced Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.EDB Postgres Advanced Server v9.6 Security Technical Implementation Guide V-259211CAT IThe EDB Postgres Advanced Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.EnterpriseDB Postgres Advanced Server (EPAS) Security Technical Implementation Guide V-228978CAT IIThe BIG-IP appliance must provide automated support for account management functions.F5 BIG-IP Device Management Security Technical Implementation Guide V-203591CAT IIThe operating system must provide automated mechanisms for supporting account management functions.General Purpose Operating System Security Requirements Guide V-203678CAT IIThe operating system must notify system administrators and ISSOs when accounts are created.General Purpose Operating System Security Requirements Guide V-203679CAT IIThe operating system must notify system administrators and ISSOs when accounts are modified.General Purpose Operating System Security Requirements Guide V-203680CAT IIThe operating system must notify system administrators and ISSOs when accounts are disabled.General Purpose Operating System Security Requirements Guide V-203681CAT IIThe operating system must notify system administrators and ISSOs when accounts are removed.General Purpose Operating System Security Requirements Guide V-203691CAT IIThe operating system must notify system administrators (SAs) and information system security officers (ISSOs) of account enabling actions.General Purpose Operating System Security Requirements Guide V-237825CAT IThe storage system must only be operated in conjunction with an LDAP server in a trusted environment if an Active Directory server is not available.HPE 3PAR StoreServ 3.2.x Security Technical Implementation Guide V-237827CAT IThe storage system must only be operated in conjunction with an Active Directory server in a trusted environment if an LDAP server is not available.HPE 3PAR StoreServ 3.2.x Security Technical Implementation Guide V-255278CAT IIThe HPE 3PAR OS must be configured for centralized account management functions via LDAP.HPE 3PAR StoreServ 3.3.x Security Technical Implementation Guide V-255288CAT IIThe HPE 3PAR OS must provide automated mechanisms for supporting account management functions via AD.HPE 3PAR StoreServ 3.3.x Security Technical Implementation Guide V-215169CAT IIAIX /etc/security/mkuser.sys.custom file must not exist unless it is needed for customizing a new user account.IBM AIX 7.x Security Technical Implementation Guide V-215181CAT IIThe shipped /etc/security/mkuser.sys file on AIX must not be customized directly.IBM AIX 7.x Security Technical Implementation Guide V-215182CAT IIThe regular users default primary group must be staff (or equivalent) on AIX.IBM AIX 7.x Security Technical Implementation Guide V-215246CAT IIAIX must provide audit record generation functionality for DoD-defined auditable events.IBM AIX 7.x Security Technical Implementation Guide V-213671CAT IIDB2 must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.IBM DB2 V10.5 LUW Security Technical Implementation Guide V-255727CAT IIAccess to the MQ Appliance network element must use two or more authentication servers for the purpose of granting administrative access.IBM MQ Appliance v9.0 NDM Security Technical Implementation Guide V-82169CAT IIThe MaaS360 MDM server must be configured to leverage the MDM platform user accounts and groups for MaaS360 MDM server user identification and authentication.IBM MaaS360 with Watson v10.x MDM Security Technical Implementation Guide V-82171CAT IIAuthentication of MaaS360 MDM platform accounts must be configured so they are implemented via an enterprise directory service.IBM MaaS360 with Watson v10.x MDM Security Technical Implementation Guide V-223422CAT ICA-ACF2 OPTS GSO record must be set to ABORT mode.IBM z/OS ACF2 Security Technical Implementation Guide V-223540CAT IIThe IBM z/OS system administrator (SA) must develop a process notify appropriate personnel when accounts are removed.IBM z/OS ACF2 Security Technical Implementation Guide V-223541CAT IIThe IBM z/OS system administrator (SA) must develop a process notify appropriate personnel when accounts are modified.IBM z/OS ACF2 Security Technical Implementation Guide V-223542CAT IIThe IBM z/OS system administrator (SA) must develop a process notify appropriate personnel when accounts are deleted.IBM z/OS ACF2 Security Technical Implementation Guide V-223543CAT IIThe IBM z/OS system administrator (SA) must develop a process notify appropriate personnel when accounts are created.IBM z/OS ACF2 Security Technical Implementation Guide V-223579CAT IIIBM z/OS system administrator must develop a procedure to notify system administrators (SAs) and information system security officers (ISSOs) of account enabling actions.IBM z/OS ACF2 Security Technical Implementation Guide V-223760CAT IIBM RACF must be installed and active on the system.IBM z/OS RACF Security Technical Implementation Guide V-223762CAT IIThe IBM z/OS system administrator (SA) must develop a process to notify appropriate personnel when accounts are created.IBM z/OS RACF Security Technical Implementation Guide V-223763CAT IIThe IBM z/OS system administrator (SA) must develop a process to notify appropriate personnel when accounts are modified.IBM z/OS RACF Security Technical Implementation Guide V-223764CAT IIThe IBM z/OS system administrator (SA) must develop a process to notify appropriate personnel when accounts are deleted.IBM z/OS RACF Security Technical Implementation Guide V-223765CAT IIThe IBM z/OS system administrator (SA) must develop a process to notify appropriate personnel when accounts are removed.IBM z/OS RACF Security Technical Implementation Guide V-223766CAT IIThe IBM z/OS system administrator (SA) must develop a process to notify information system security officers (ISSOs) of account enabling actions.IBM z/OS RACF Security Technical Implementation Guide V-223876CAT ICA-TSS MODE Control Option must be set to FAIL.IBM z/OS TSS Security Technical Implementation Guide V-224013CAT IIThe IBM z/OS system administrator (SA) must develop a process to notify appropriate personnel when accounts are created.IBM z/OS TSS Security Technical Implementation Guide V-224014CAT IIThe IBM z/OS system administrator (SA) must develop a process to notify appropriate personnel when accounts are modified.IBM z/OS TSS Security Technical Implementation Guide V-224015CAT IIThe IBM z/OS system administrator (SA) must develop a process to notify appropriate personnel when accounts are deleted.IBM z/OS TSS Security Technical Implementation Guide V-224016CAT IIThe IBM z/OS system administrator (SA) must develop a process to notify appropriate personnel when accounts are removed.IBM z/OS TSS Security Technical Implementation Guide V-224037CAT IIIBM z/OS system administrator (SA) must develop a procedure to notify SAs and information system security officers (ISSOs) of account enabling actions.IBM z/OS TSS Security Technical Implementation Guide V-237897CAT ICA VM:Secure product Rules Facility must be installed and operating.IBM zVM Using CA VM:Secure Security Technical Implementation Guide V-237898CAT IThe IBM z/VM TCP/IP DTCPARMS files must be properly configured to connect to an external security manager.IBM zVM Using CA VM:Secure Security Technical Implementation Guide V-241796CAT IIThe Jamf Pro EMM server must be configured to leverage the MDM platform user accounts and groups for Jamf Pro EMM server user identification and CAC authentication.Jamf Pro v10.x EMM Security Technical Implementation Guide V-241797CAT IIAuthentication of Jamf Pro EMM server accounts must be configured so they are implemented either via an Authentication Gateway Service (AGS) which connects to the site DoD Identity Access Management (IdAM) environment that utilizes CAC authentication or via strong password controls for the administrator local accounts.Jamf Pro v10.x EMM Security Technical Implementation Guide V-229021CAT IIIThe Juniper SRX Services Gateway must allow only the information system security manager (ISSM) (or administrators/roles appointed by the ISSM) to select which auditable events are to be generated and forwarded to the syslog and/or local logs.Juniper SRX Services Gateway NDM Security Technical Implementation Guide V-229022CAT IIIFor local logging, the Juniper SRX Services Gateway must generate a message to the system management console when a log processing failure occurs.Juniper SRX Services Gateway NDM Security Technical Implementation Guide V-229023CAT IIIn the event that communications with the events server is lost, the Juniper SRX Services Gateway must continue to queue log records locally.Juniper SRX Services Gateway NDM Security Technical Implementation Guide V-229025CAT IThe Juniper SRX Services Gateway must be configured to use a centralized authentication server to authenticate privileged users for remote and nonlocal access for device management.Juniper SRX Services Gateway NDM Security Technical Implementation Guide V-242381CAT IThe Kubernetes Controller Manager must create unique service accounts for each work payload.Kubernetes Security Technical Implementation Guide V-213858CAT IISQL Server authentication and identity management must be integrated with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.MS SQL Server 2014 Instance Security Technical Implementation Guide V-213900CAT ISQL Server databases must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.MS SQL Server 2016 Database Security Technical Implementation Guide V-213930CAT ISQL Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.MS SQL Server 2016 Instance Security Technical Implementation Guide V-213931CAT IISQL Server must be configured to utilize the most-secure authentication method available.MS SQL Server 2016 Instance Security Technical Implementation Guide V-205444CAT IIThe Mainframe Product must use an external security manager for all account management functions.Mainframe Product Security Requirements Guide V-205531CAT IIThe Mainframe Product must notify system programmers and security administrators when accounts are created.Mainframe Product Security Requirements Guide V-205532CAT IIThe Mainframe Product must notify system programmers and security administrators when accounts are modified.Mainframe Product Security Requirements Guide V-205533CAT IIThe Mainframe Product must notify system programmers and security administrators for account disabling actions.Mainframe Product Security Requirements Guide V-205534CAT IIThe Mainframe Product must notify system programmers and security administrators for account removal actions.Mainframe Product Security Requirements Guide V-205542CAT IIThe Mainframe Product must notify system programmers and security administrators of account enabling actions.Mainframe Product Security Requirements Guide V-253667CAT IMariaDB must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.MariaDB Enterprise 10.x Security Technical Implementation Guide V-220340CAT IIMarkLogic Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.MarkLogic Server v9 Security Technical Implementation Guide V-255301CAT IAzure SQL Databases must integrate with Azure Active Directory for providing account management and automation for all users, groups, roles, and any other principals.Microsoft Azure SQL Database Security Technical Implementation Guide V-255302CAT IAzure SQL Database must enforce approved authorizations for logical access to server information and system resources in accordance with applicable access control policies.Microsoft Azure SQL Database Security Technical Implementation Guide V-276225CAT IAzure SQL Managed Instances must integrate with Microsoft Entra ID for providing account management and automation for all users, groups, roles, and any other principals.Microsoft Azure SQL Managed Instance Security Technical Implementation Guide V-270255CAT IIMicrosoft Entra ID must notify system administrators (SAs) and the information system security officer (ISSO) when privileges are being requested.Microsoft Entra ID Security Technical Implementation Guide V-271118CAT ISQL Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.Microsoft SQL Server 2022 Database Security Technical Implementation Guide V-271264CAT ISQL Server must be configured to use the most-secure authentication method available.Microsoft SQL Server 2022 Instance Security Technical Implementation Guide V-271265CAT ISQL Server must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.Microsoft SQL Server 2022 Instance Security Technical Implementation Guide V-260909CAT IIMKE must be configured to integrate with an Enterprise Identity Provider.Mirantis Kubernetes Engine Security Technical Implementation Guide V-91821CAT IIAuthentication of MDM platform accounts must be configured so they are implemented via an enterprise directory service.MobileIron Core v10.x MDM Security Technical Implementation Guide V-221158CAT IMongoDB must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.MongoDB Enterprise Advanced 3.x Security Technical Implementation Guide V-252149CAT IMongoDB must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.MongoDB Enterprise Advanced 4.x Security Technical Implementation Guide V-265905CAT IMongoDB must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.MongoDB Enterprise Advanced 7.x Security Technical Implementation Guide V-279332CAT IMongoDB must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.MongoDB Enterprise Advanced 8.x Security Technical Implementation Guide V-279541CAT IINutanix OS must audit all account change actions.Nutanix Acropolis GPOS Security Technical Implementation Guide V-219749CAT IIThe system must employ automated mechanisms for supporting Oracle user account management.Oracle Database 11.2g Security Technical Implementation Guide V-220265CAT IThe system must employ automated mechanisms for supporting Oracle user account management.Oracle Database 12c Security Technical Implementation Guide V-270499CAT IOracle Database must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.Oracle Database 19c Security Technical Implementation Guide V-248740CAT IIOL 8 must generate audit records for all account creation events that affect "/etc/shadow".Oracle Linux 8 Security Technical Implementation Guide V-248741CAT IIOL 8 must generate audit records for all account creation events that affect "/etc/security/opasswd".Oracle Linux 8 Security Technical Implementation Guide V-248742CAT IIOL 8 must generate audit records for all account creation events that affect "/etc/passwd".Oracle Linux 8 Security Technical Implementation Guide V-248743CAT IIOL 8 must generate audit records for all account creation events that affect "/etc/gshadow".Oracle Linux 8 Security Technical Implementation Guide V-248744CAT IIOL 8 must generate audit records for all account creation events that affect "/etc/group".Oracle Linux 8 Security Technical Implementation Guide V-248745CAT IIOL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/sudoers".Oracle Linux 8 Security Technical Implementation Guide V-248746CAT IIOL 8 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/sudoers.d/".Oracle Linux 8 Security Technical Implementation Guide V-271527CAT IIOL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.Oracle Linux 9 Security Technical Implementation Guide V-271528CAT IIOL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/ directory.Oracle Linux 9 Security Technical Implementation Guide V-271529CAT IIOL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.Oracle Linux 9 Security Technical Implementation Guide V-271530CAT IIOL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.Oracle Linux 9 Security Technical Implementation Guide V-271531CAT IIOL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd.Oracle Linux 9 Security Technical Implementation Guide V-271532CAT IIOL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.Oracle Linux 9 Security Technical Implementation Guide V-271533CAT IIOL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.Oracle Linux 9 Security Technical Implementation Guide V-235095CAT IMySQL Database Server 8.0 must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.Oracle MySQL 8.0 Security Technical Implementation Guide V-253523CAT IIAccess to Prisma Cloud Compute must be managed based on user need and least privileged using external identity providers for authentication and grouping to role-based assignments when possible.Palo Alto Networks Prisma Cloud Compute Security Technical Implementation Guide V-214052CAT IPostgreSQL must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.PostgreSQL 9.x Security Technical Implementation Guide V-252843CAT IRancher MCM must use a centralized user management solution to support account management functions. For accounts using password authentication, the container platform must use FIPS-validated SHA-2 or later protocol to protect the integrity of the password authentication process.Rancher Government Solutions Multi-Cluster Manager Security Technical Implementation Guide V-254554CAT IIRKE2 must use a centralized user management solution to support account management functions.Rancher Government Solutions RKE2 Security Technical Implementation Guide V-281154CAT IIRHEL 10 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/sudoers".Red Hat Enterprise Linux 10 Security Technical Implementation Guide V-281155CAT IIRHEL 10 must generate audit records for all account creations, modifications, disabling, and termination events that affect the "/etc/sudoers.d/" directory.Red Hat Enterprise Linux 10 Security Technical Implementation Guide V-281156CAT IIRHEL 10 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/group".Red Hat Enterprise Linux 10 Security Technical Implementation Guide V-281157CAT IIRHEL 10 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/gshadow".Red Hat Enterprise Linux 10 Security Technical Implementation Guide V-281158CAT IIRHEL 10 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/opasswd".Red Hat Enterprise Linux 10 Security Technical Implementation Guide V-281159CAT IIRHEL 10 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/passwd".Red Hat Enterprise Linux 10 Security Technical Implementation Guide V-281160CAT IIRHEL 10 must generate audit records for all account creations, modifications, disabling, and termination events that affect "/etc/shadow".Red Hat Enterprise Linux 10 Security Technical Implementation Guide V-258217CAT IIRHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258218CAT IIRHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/sudoers.d/ directory.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258219CAT IIRHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258220CAT IIRHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258221CAT IIRHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258222CAT IIRHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-258223CAT IIRHEL 9 must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-272488CAT IIRHEL 9 must have the Postfix package installed.Red Hat Enterprise Linux 9 Security Technical Implementation Guide V-257507CAT IIOpenShift must use a centralized user management solution to support account management functions.Red Hat OpenShift Container Platform 4.12 Security Technical Implementation Guide V-257508CAT IIThe kubeadmin account must be disabled.Red Hat OpenShift Container Platform 4.12 Security Technical Implementation Guide V-257507CAT IIOpenShift must use a centralized user management solution to support account management functions.Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide V-257508CAT IIThe kubeadmin account must be disabled.Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide V-257511CAT IIOpenShift must generate audit rules to capture account related actions.Red Hat OpenShift Container Platform 4.x Security Technical Implementation Guide V-251184CAT IRedis Enterprise DBMS must integrate with an organization-level authentication/access mechanism providing account management and automation for all users, groups, roles, and any other principals.Redis Enterprise 6.x Security Technical Implementation Guide V-275713CAT IIUbuntu OS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.Riverbed NetIM OS Security Technical Implementation Guide V-275714CAT IIUbuntu OS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/gshadow.Riverbed NetIM OS Security Technical Implementation Guide V-275715CAT IIUbuntu OS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd.Riverbed NetIM OS Security Technical Implementation Guide V-275716CAT IIUbuntu OS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.Riverbed NetIM OS Security Technical Implementation Guide V-275717CAT IIUbuntu OS must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.Riverbed NetIM OS Security Technical Implementation Guide V-254088CAT IIInnoslate must provide automated mechanisms for supporting account management functions.SPEC Innovations Innoslate 4.x Security Technical Implementation Guide V-217205CAT IIThe SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/passwd.SUSE Linux Enterprise Server 12 Security Technical Implementation Guide V-217206CAT IIThe SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/group.SUSE Linux Enterprise Server 12 Security Technical Implementation Guide V-217207CAT IIThe SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/shadow.SUSE Linux Enterprise Server 12 Security Technical Implementation Guide V-217208CAT IIThe SUSE operating system must generate audit records for all account creations, modifications, disabling, and termination events that affect /etc/opasswd.SUSE Linux Enterprise Server 12 Security Technical Implementation Guide V-225649CAT IThe Samsung SDS EMM server must be configured to use one-time password in addition to username and password for administrator logon to the server.Samsung SDS EMM Security Technical Implementation Guide V-245525CAT IThe Samsung SDS EMM must be configured to leverage the MDM platform administrator accounts and groups for Samsung SDS EMM user identification and CAC authentication.Samsung SDS EMM Security Technical Implementation Guide V-245526CAT IAuthentication of MDM platform accounts must be configured so they are implemented via an enterprise directory service.Samsung SDS EMM Security Technical Implementation Guide V-221939CAT IIISplunk Enterprise must notify the system administrator (SA) and information system security officer (ISSO) when account events are received (creation, deletion, modification, disabling).Splunk Enterprise 7.x for Windows Security Technical Implementation Guide V-221940CAT IIISplunk Enterprise must notify analysts of applicable events for Tier 2 CSSP and JRSS only.Splunk Enterprise 7.x for Windows Security Technical Implementation Guide V-251658CAT IIISplunk Enterprise must notify the system administrator (SA) and information system security officer (ISSO) when account events are received (creation, deletion, modification, or disabling).Splunk Enterprise 8.x for Linux Security Technical Implementation Guide V-240988CAT IIThe Tanium Server must be configured with a connector to sync to Microsoft Active Directory for account management functions, must isolate security functions from non-security functions, and must terminate shared/group account credentials when members leave the group.Tanium 7.0 Security Technical Implementation Guide V-240989CAT IIThe Tanium Server must be configured to only use Microsoft Active Directory for account management functions.Tanium 7.0 Security Technical Implementation Guide V-234049CAT IIThe Tanium Application Server must be configured to only use Microsoft Active Directory for account management functions.Tanium 7.3 Security Technical Implementation Guide V-254881CAT IIThe Tanium Application Server must be configured to only use LDAP for account management functions.Tanium 7.x Application on TanOS Security Technical Implementation Guide V-254923CAT IITanium must notify system administrator (SA) and the information system security officer (ISSO) when accounts are created.Tanium 7.x Application on TanOS Security Technical Implementation Guide V-254924CAT IITanium must notify system administrators (SAs) and the information system security officer (ISSO) when accounts are modified.Tanium 7.x Application on TanOS Security Technical Implementation Guide V-254925CAT IITanium must notify system administrators (SAs) and the information system security officer (ISSO) for account disabling actions.Tanium 7.x Application on TanOS Security Technical Implementation Guide V-254926CAT IITanium must notify system administrators (SAs) and the information system security officer (ISSO) for account removal actions.Tanium 7.x Application on TanOS Security Technical Implementation Guide V-254929CAT IITanium must notify the system administrator (SA) and information system security officer (ISSO) of account enabling actions.Tanium 7.x Application on TanOS Security Technical Implementation Guide